IN THE CLAIMS 

The following is a listing of the claims of the present application: 

1 . (Currently Amended) A method for use in a distributed data network wherein a user may 
request and receive content from one or more entities in the distributed data network, the method 
comprising the steps of: 

providing one or more mechanisms for enabling at least one of the user and one or more of 
the entities to control which entities in the distributed data network have access to information 
generated in association with the user's activity on the distributed data network, wherein the user 
specifies at least one role and, based on the created role, at least one profile for the user is 
maintained by one or more of the entities in the form of information inserted into the profile by one 
or more of the entities, the information representing the user's activity on the distributed data 
network with respect to the one or more entities that inserted the information, such that profile 
maintenance is substantially transparent to the user; and 

customizing content to be received by the user in accordance with at least a portion of the 
information in the user profile; 

wherein the step of providing the one or more control mechanisms for the user comprises the 
step of enabling the user to specify two or more roles within which the user may perform activities 
on the distributed data network, wherein the two or more roles have two or more profiles 
respectively associated therewith, and wherein the two or more profiles are subst antially unlinkable. 

2. through 4. (Canceled). 

5. (Currently Amended) The method of claim 4 1, wherein the substantial unlinkability of 
the profiles substantially prevents an entity from learning about the user's activity at another entity, 
when the user conducts activities at the different entities in the different roles. 

6. (Currently Amended) The method of claim 2 1, wherein the roles are specified in 
accordance with at least one dedicated server located in the distributed data network. 

7. (Original) The method of claim 1, wherein at least one of the one or more entities are 

2 



merchants operating on the distributed data network. 



8. (Currently Amended) Th e m et hod of claim 1, A method for use in a distributed data 
network wherein a user may request and receive content from one or more entities in the distributed 
data network, the method comprising the steps of: 

providing one or more mechanisms for enabling at least one of the user and one or more of 
the entities to control which entities in the distributed data network have access to information 
generated in association with the user's activity on the distributed data network, wherein the user 
specifies at least one role and, based on the created role, at least one profile for the user is 
maintained bv one or more of the entities in the form of information inserted into the profile by one 
or more of the entities, the information representing the user's activity on the distributed data 
network with respect to the one or more entities that inserted the information, such that profile 
maintenance is substantially transparent to the user; and 

customizing content to be received by the user in accordance with at least a portion of the 
information in the user profile; 

wherein the step of providing the one or more control mechanisms for the one or more 
entities comprises the step of enabling the one or more entities to specify which other entities are 
able to access information that the one or more entities learned in association with the user 
conducting activities with the one or more entities. 

9. (Original) The method of claim 8, further wherein the one or more entities are enabled 
to specify which other entities are able to access information derived from original information that 
the one or more entities learned in association with the user conducting activities with the one or 
more entities. 

10. (Original) The method of claim 9, wherein the one or more entities are enabled to 
specify a degree of information derivation in accordance with which other entities may be able to 
access the information. 

1 1 . (Original) The method of claim 1 0, wherein the one or more entities are enabled to group 
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the other entities into one or more classes wherein each class has a degree of information derivation 
associated therewith. 

12. (Original) The method of claim 1, wherein the one or more entities access the 
information in accordance with one or more dedicated databases located in the distributed data 
network. 

13. (Currently Amended) A method for use in accordance with at least one server in a 
distributed data network wherein a user may request and receive content from one or more entities 
in the distributed data network, the method comprising the steps of: 

the at least one server maintaining two or more user-specified policies respectively 
associated with two or more roles within which the user may perform activities on the distributed 
data network; and 

the at least one server issuing access credentials associated with the user-specified policies 
to one or more entities that seek to access information generated in association with the user's 
activity on the distributed data network so as to customize content to be received by the user in 
accordance with at least a portion of the accessible information. 

14. (Original) The method of claim 13, wherein the access credentials comprise rights by 
which the entity may access the information. 

15. (Original) The method of claim 14, wherein the access rights comprise at least one of 
information read rights, information insert rights and information delete rights. 

16. (Original) The method of claim 14, wherein the access credentials further comprise an 
identifier of the entity to which the access credentials are being issued. 

17. (Original) The method of claim 14, wherein the access credentials further comprise an 
expiration time specifying a duration of the access rights. 
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18. (Original) The method of claim 14, wherein the access credentials further comprise a 
digital signature on the access credentials. 

19. (Original) The method of claim 18, wherein the access credentials further comprise a 
public key matching a private key by which the access credentials have been digitally signed. 

20. (Original) The method of claim 13, wherein the maintaining step further comprises 
prompting the user to specify a new role or an existing role within which the user may perform 
activities on the distributed data network 

21. (Original) A method for use in accordance with one or more databases in a distributed 
data network wherein a user may request and receive content from one or more entities in the 
distributed data network, the method comprising the steps of: 

storing information that the one or more entities learn in association with the user conducting 
activities with the one or more entities; and 

enabling the one or more entities to specify which other entities are able to access the stored 
information so as to customize content to be received by the user in accordance with at least a 
portion of the accessible information. 

22. (Original) The method of claim 2 1 , wherein the information that the one or more entities 
learn in association with the user conducting activities with the one or more entities comprises at 
least one of original information and information derived from the original information. 

23. (Original) The method of claim 2 1 , wherein the enabling step further comprises enabling 
the one or more entities to specify one or more taint classes for portions of the stored information. 

24. (Original) The method of claim 23, wherein a given taint class corresponds to an affinity 
an entity has to collaborate with entities in the given taint class. 

25. (Original) The method of claim 23, wherein at least portions of the information are 
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respectively stored as records, wherein each record has stored in association therewith a data 
structure comprising at least one of an accumulated taint strength, a set of taint classes, and pointers 
to one or more original records from which this record was derived. 

26. (Original) The method of claim 25, wherein an entity is not permitted to read a record 
derived from an original record if the entity is not a member of a specified taint class and there is 
a path of a given length or less from the derived record to the original record. 

27. (Original) The method of claim 21, further comprising the step of applying a scoring 
function to portions of the stored information to which a given entity has access. 

28. (Original) The method of claim 27, wherein results of the scoring function indicate the 
relevance of the portions of the stored information to one or more content customization decisions 
to be made by the given entity. 

29. (Original) Apparatus for use in a distributed data network wherein a user may request 
and receive content from one or more entities in the distributed data network, the apparatus 
comprising: 

at least one processor operative to: (i) maintain two or more user- specified policies 
respectively associated with two or more roles within which the user may perform activities on the 
distributed data network; and (ii) issue access credentials associated with the user-specified policies 
to one or more entities that seek to access information generated in association with the user's 
activity on the distributed data network so as to customize content to be received by the user in 
accordance with at least a portion of the accessible information. 

30. (Original) The apparatus of claim 29, wherein the access credentials comprise rights by 
which the entity may access the information. 

31. through 36. (Canceled). 

37. (Original) Apparatus for use in a distributed data network wherein a user may request 
and receive content from one or more entities in the distributed data network, the apparatus 
comprising: 
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at least one processor operative to: (i) store information that the one or more entities learn 
in association with the user conducting activities with the one or more entities; and (ii) enable the 
one or more entities to specify which other entities are able to access the stored information so as 
to customize content to be received by the user in accordance with at least a portion of the accessible 
information. 

38. through 51. (Canceled). 
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